<?php
include_once './includes/common.php';

$act=isset($_GET['act'])?daddslashes($_GET['act']):null;
@header('Content-Type: application/json; charset=UTF-8');
switch($act){
case 'sqquery':
    if ($conf['index_open'] == 1) {
        $proid = intval($_POST['proid']);
        $url = addslashes($_POST['url']);
        $program = $DB->get_row("select * from authguao_program where id='" . $proid . "' limit 1");
        if (!$proid) {
            $result=array("code"=>-1,"msg"=>'请选择查询的程序！');
        } else if (!$program) {
            $result=array("code"=>-1,"msg"=>'该程序不存在！');
        } else if (!$url) {
            $result=array("code"=>-1,"msg"=>'请输入查询的域名！');
        } else if (strexists($url,"http://")) {
            $result = array("code"=>-1,"msg"=>"域名无需输入http://");
        } else if (!strexists($url,".")){
            $result = array("code"=>-1,"msg"=>"域名格式疑似不正确");
        } else {
            $row = $DB->get_row("SELECT * FROM authguao_site WHERE proid='{$proid}' and url='{$url}' limit 1");
            if(!$row){
                $row = $DB->get_row("SELECT * FROM authguao_site WHERE proid='{$proid}' and url='*.".get_host($url)."' limit 1");
            }
            if ($row) {
                if ($row['active'] == 1) {
                    $active = '<font color="green">激活(可以正常使用)</font>';
                } else {
                    $active = '<font color="red">封禁(无法正常使用)</font>';
                }
                if ($row['endtime'] > $date) {
                    $endtime = '<font color="green">未到期(可以正常使用)</font>';
                } else {
                    $endtime = '<font color="red">已到期(无法正常使用)</font>';
                }
                $result=array("code"=>0,"msg"=>'检测程序：' . $program['name'] . '</br>检测域名：' . $url . '</br>检测结果：<font color="green">正版授权</font></br>授权状态：' . $active . '</br>到期状态：' . $endtime);
            } else {
                $result=array("code"=>-1,"msg"=>'检测程序：' . $program['name'] . '</br>检测域名：' . $url . '</br>检测结果：<font color="red">未授权</font>');
            }
        }
    } else {
        $result = array("code"=>-1,"msg"=>"管理员未开启查询模块");
    }
    exit(json_encode($result));
break;
case 'user':
    if ($conf['index_open'] == 1) {
    $qq = addslashes($_POST['qq']);
    if (!$qq) {
        $result=array("code"=>-1,"msg"=>'请输入查询的QQ！');
    } else if (strlen($qq) < 5 || !preg_match('/^[0-9]+$/',$qq)) {
        $result=array("code"=>-1,"msg"=>'请输入正确的QQ！');
    } else {
        if ($qq == $conf['admin_qq'] || $qq == $conf['kfqq']) {
            $result=array("code"=>0,"msg"=>'检测QQ：' . $qq . '</br>检测结果：<font color="green">平台站长</font>');
        } else {
            $row = $DB->get_row("SELECT * FROM authguao_user WHERE qq='{$qq}' limit 1");
            if ($row) {
                if ($row['power'] == 0) {
                    $result=array("code"=>-1,"msg"=>'该QQ不是代理，请谨慎交易！');
                } else {
                    if ($row['power'] == 3) {
                        $power = '全能管理员';
                    } else if ($row['power'] == 2) {
                        $program = $DB->get_row("select * from authguao_program where id='" . $row['proid'] . "' limit 1");
                        $power = $program['name'] . '超级管理员';
                    } else if ($row['power'] == 1) {
                        $program = $DB->get_row("select * from authguao_program where id='" . $row['proid'] . "' limit 1");
                        $power = $program['name'] . '授权商';
                    }
                    if ($row['status']==1) {
                        $status = '<font color="green">激活(可以正常使用)</font>';
                    } else {
                        $status = '<font color="red">封禁(无法正常使用，请谨慎交易)</font>';
                    }
                    $result=array("code"=>0,"msg"=>'检测QQ：' . $qq . '</br>检测结果：<font color="green">' . $power .'</font></br>代理状态：' . $status);
                }
            } else {
                $result=array("code"=>-1,"msg"=>'检测QQ：' . $qq . '</br>检测结果：<font color="red">非代理</font>，请谨慎交易');
            }
        }
    }
    } else {
        $result = array("code"=>-1,"msg"=>"管理员未开启查询模块");
    }
    exit(json_encode($result));
break;
case 'rzquery':
    if ($conf['index_open'] == 1) {
    $proid = intval($_POST['proid']);
    $url = addslashes($_POST['url']);
    $program = $DB->get_row("select * from authguao_program where id='" . $proid . "' limit 1");
    if (!$proid) {
        $result=array("code"=>-1,"msg"=>'请选择查询的程序！');
    } else if (!$program) {
        $result=array("code"=>-1,"msg"=>'该程序不存在！');
    } else if (!$url) {
        $result=array("code"=>-1,"msg"=>'请输入查询的域名！');
    } else if (strexists($url,"http://")) {
        $result = array("code"=>-1,"msg"=>"域名无需输入http://");
    } else if (!strexists($url,".")){
        $result = array("code"=>-1,"msg"=>"域名格式疑似不正确");
    } else {
        $row = $DB->get_row("SELECT * FROM authguao_paysite WHERE proid='{$proid}' and url='{$url}' limit 1");
        if ($row) {
            if ($row['active'] == 1) {
                $active = '<font color="green">激活(可对接)</font>';
            } else {
                $active = '<font color="red">封禁(无法对接)</font>';
            }
            $result=array("code"=>0,"msg"=>'检测程序：' . $program['name'] . '</br>检测域名：' . $url . '</br>检测结果：<font color="green">正版易支付域名认证</font></br>认证状态：' . $active);
        } else {
            $result=array("code"=>-1,"msg"=>'检测程序：' . $program['name'] . '</br>检测域名：' . $url . '</br>检测结果：<font color="red">未认证易支付域名</font>');
        }
    }
    } else {
        $result = array("code"=>-1,"msg"=>"管理员未开启查询模块");
    }
    exit(json_encode($result));
break;
case 'blackquery':
    if ($conf['index_open'] == 1) {
    $qq = addslashes($_POST['qq']);
    if (!$qq) {
        $result=array("code"=>-1,"msg"=>'请输入查询的QQ！');
    } else if (strlen($qq) < 5 || !preg_match('/^[0-9]+$/',$qq)) {
        $result=array("code"=>-1,"msg"=>'请输入正确的QQ！');
    } else {
        $row = $DB->get_row("SELECT * FROM authguao_blacklist WHERE qq='{$qq}' limit 1");
        if ($row) {
            $result=array("code"=>0,"msg"=>'<img src="https://q4.qlogo.cn/g?b=qq&nk='.$qq.'&s=100" height="40">QQ：' . $qq . '['.qqname($qq).']</br>黑名单等级：'.$row['level'].'</br>黑名单时间：'.$row['date'].'</br>黑名单原因：'.$row['note'].'</br>此QQ<font color="red">无法使用</font>该平台，请停止任何交易！');
        } else {
            $result=array("code"=>-1,"msg"=>'<img src="https://q4.qlogo.cn/g?b=qq&nk='.$qq.'&s=100" height="40">QQ：' . $qq . '['.qqname($qq).']</br>尚未列入列表，此QQ可以<font color="green">正常使用</font>本平台！');
        }
    }
    } else {
        $result = array("code"=>-1,"msg"=>"管理员未开启查询模块");
    }
    exit(json_encode($result));
break;
case 'image':
    $image='https://api.ixiaowai.cn/gqapi/gqapi.php';
    $result=array("code"=>1,"image"=>$image);
    exit(json_encode($result));
break;
case 'buyauth':
    if ($conf['buy_open'] == 1) {
    $proid = intval($_POST['proid']);
    $name = addslashes($_POST['name']);
    $qq = addslashes($_POST['qq']);
    $url = addslashes($_POST['url']);
    $uid = 1;
    $program = $DB->get_row("select * from authguao_program where id='" . $proid . "' limit 1");
    $qqrow=$DB->get_row("SELECT * FROM authguao_site WHERE proid='".$proid."' and qq='".$qq."' limit 1");
    $urlrow=$DB->get_row("SELECT * FROM authguao_site WHERE proid='".$proid."' and url='".$url."' limit 1");
    if(!$urlrow){
        $urlrow = $DB->get_row("SELECT * FROM authguao_site WHERE proid='".$proid."' and url='*.".get_host($url)."' limit 1");
    }
    if($conf['invite_rebate_open'] == 1) {
        $invitecode = daddslashes($_POST['invitecode']);
        if ($invitecode) {
            $invitecoderow = $DB->get_row("select * from authguao_user where invitecode='" . $invitecode . "' limit 1");
            if (!$invitecoderow) {
                $result = array("code"=>-1,"msg"=>"邀请码错误或者邀请码不存在！");
                exit(json_encode($result));
            } else if ($invitecoderow) {
                $uid = $invitecoderow['uid'];
            }
        }
    }
    if (!$proid) {
        $result=array("code"=>-1,"msg"=>'AUR温馨提示：请选择授权的程序！');
    } else if (!$program) {
        $result=array("code"=>-1,"msg"=>'该程序不存在！');
    } else if (!$name) {
        $result=array("code"=>-1,"msg"=>'请输入授权的站点名称！');
    } else if (!$qq) {
        $result=array("code"=>-1,"msg"=>'请输入授权的QQ！');
    } else if (strlen($qq) < 5 || !preg_match('/^[0-9]+$/',$qq)) {
        $result=array("code"=>-1,"msg"=>'请输入正确的QQ！');
    } else if (!$url) {
        $result=array("code"=>-1,"msg"=>'请输入授权的域名！');
    } else if (strexists($url,"http://")) {
        $result = array("code"=>-1,"msg"=>"域名无需输入http://");
    } else if (!strexists($url,".")){
        $result = array("code"=>-1,"msg"=>"域名格式疑似不正确");
    } else if ($urlrow) {
        $result=array("code"=>-1,"msg"=>'此域名，该程序中已存在！');
    } else {
        $money = $program['sqprice'];
        if ($money == 0){
            if ($conf['captcha_open_buy'] == 1 && $conf['captcha_open'] == 1) {
                if (isset($_POST['geetest_challenge']) && isset($_POST['geetest_validate']) && isset($_POST['geetest_seccode'])) {
                    require_once SYSTEM_ROOT.'class.geetestlib.php';
                    $GtSdk = new GeetestLib($conf['captcha_id'], $conf['captcha_key']);
                    $data = array('user_id' => $cookiesid,'client_type' => "web",'ip_address' => $clientip);
                    if ($_SESSION['gtserver'] == 1) {   //服务器正常
                        $result = $GtSdk->success_validate($_POST['geetest_challenge'], $_POST['geetest_validate'], $_POST['geetest_seccode'], $data);
                        if ($result) {
                            //echo '{"status":"success"}';
                        } else {
                            $result = array("code"=>-1,"msg"=>"验证失败，请重新验证");
    exit(json_encode($result));
                        }
                    } else {  //服务器宕机,走failback模式
                        if ($GtSdk->fail_validate($_POST['geetest_challenge'],$_POST['geetest_validate'],$_POST['geetest_seccode'])) {
                            //echo '{"status":"success"}';
                        } else {
                            $result = array("code"=>-1,"msg"=>"验证失败，请重新验证");
    exit(json_encode($result));
                        }
                    }
                } else {
                    $result = array("code"=>2,"type"=>1,"msg"=>"请先完成验证");
                }
            } else if ($conf['captcha_open_buy'] == 1 && $conf['captcha_open'] == 2) {
                if (isset($_POST['token'])) {
                    require_once SYSTEM_ROOT.'class.dingxiang.php';
                    $client = new CaptchaClient($conf['captcha_id'], $conf['captcha_key']);
                    $client->setTimeOut(2);
                    $response = $client->verifyToken($_POST['token']);
                    if ($response->result) {
                        /**token验证通过，继续其他流程**/
                    } else {
                        /**token验证失败**/
                        $result = array("code"=>-1,"msg"=>"验证失败，请重新验证");
    exit(json_encode($result));
                    }
                } else {
                    $result = array("code"=>2,"type"=>2,"appid"=>$conf['captcha_id'],"msg"=>"请先完成验证");
    exit(json_encode($result));
                }
            } else if($conf['captcha_open_buy'] == 1 && $conf['captcha_open'] == 3) {
                if (isset($_POST['token'])) {
                    if (vaptcha_verify($conf['captcha_id'], $conf['captcha_key'], $_POST['token'], $clientip)) {
                        /**token验证通过，继续其他流程**/
                    } else {
                        /**token验证失败**/
                        $result = array("code"=>-1,"msg"=>"验证失败，请重新验证");
    exit(json_encode($result));
                    }
                } else {
                    $result = array("code"=>3,"type"=>2,"appid"=>$conf['captcha_id'],"msg"=>"请先完成验证");
    exit(json_encode($result));
                }
            }
        }
        $trade_no = date("YmdHis").rand(111,999);
        if ($qqrow && $program['ipauth'] == 0) {
            $sign = $qqrow['sign'];
            $authcode = $qqrow['authcode'];
        } else {
            $signrow = $DB->get_row("SELECT * FROM authguao_site WHERE 1 order by sign desc limit 1");
            $sign = $signrow['sign']+1;
            $authcode = md5(random(32).$qq);
        }
if($conf['auth_time_type']==2){
    $endtime=date('Y-m-d', strtotime('+'.$conf['auth_time'].' years'));
}elseif($conf['auth_time_type']==1){
    $endtime=date('Y-m-d', strtotime('+'.$conf['auth_time'].' months'));
}else{
    $endtime=date('Y-m-d', strtotime('+'.$conf['auth_time'].' days'));
}
        if ($conf['invite_rebate_open'] == 1) {
            $input = $uid.'|'.$proid.'|'.$name.'|'.$qq.'|'.$url.'|'.$authcode.'|'.$sign.'|'.$endtime.'|'.$invitecode;
        } else {
            $input = $uid.'|'.$proid.'|'.$name.'|'.$qq.'|'.$url.'|'.$authcode.'|'.$sign.'|'.$endtime;
        }
        if ($money == 0) {
            $sql="insert into `authguao_site` (`uid`,`proid`,`name`,`qq`,`url`,`date`,`authcode`,`active`,`sign`,`token`,`endtime`) values ('".$uid."','".$proid."','".$name."','".$qq."','".$url."','".$date."','".$authcode."','1','".$sign."','".random(32)."','".$endtime."')";
            if ($DB->query($sql)) {
                $result = array("code"=>1,"msg"=>'程序：'.$program['name'].'</br>结果：<font color="green">开通成功</font>');
            } else {
                $result = array("code"=>-1,"msg"=>'程序：'.$program['name'].'</br>结果：<font color="red">开通失败</font>'.$DB->error());
            }
        } else {
            $sql="insert into `authguao_pay` (`trade_no`,`type`,`input`,`name`,`money`,`ip`,`addtime`,`status`) values ('".$trade_no."','2','".$input."','购买程序".$program['name']."的授权','".$money."','".$clientip."','".$date."','0')";
            if ($DB->query($sql)) {
                $result = array("code"=>0,"msg"=>'程序：'.$program['name'].'</br>结果：<font color="green">提交订单成功</font>',"trade_no"=>$trade_no,"money"=>$money,"pay_alipay"=>$conf['alipay_api'],"pay_wxpay"=>$conf['wxpay_api'],"pay_qqpay"=>2);
            } else {
                $result = array("code"=>-1,"msg"=>'程序：'.$program['name'].'</br>结果：<font color="red">提交订单失败</font>'.$DB->error());
            }
        }
    }
    } else {
        $result = array("code"=>-1,"msg"=>"管理员未开启在线购买模块");
    }
    exit(json_encode($result));
break;
case 'buypay':
    if ($conf['buy_open'] == 1) {
    $proid = intval($_POST['proid']);
    $name = addslashes($_POST['name']);
    $qq = addslashes($_POST['qq']);
    $url = addslashes($_POST['url']);
    $uid = 1;
    $program = $DB->get_row("select * from authguao_program where id='" . $proid . "' limit 1");
    $urlrow=$DB->get_row("SELECT * FROM authguao_paysite WHERE proid='".$proid."' and url='".$url."' limit 1");
    if($conf['invite_rebate_open'] == 1) {
        $invitecode = daddslashes($_POST['invitecode']);
        if ($invitecode) {
            $invitecoderow = $DB->get_row("select * from authguao_user where invitecode='" . $invitecode . "' limit 1");
            if (!$invitecoderow) {
                $result = array("code"=>-1,"msg"=>"邀请码错误或者邀请码不存在！");
                exit(json_encode($result));
            } else if ($invitecoderow) {
                $uid = $invitecoderow['uid'];
            }
        }
    }
    if (!$proid) {
        $result=array("code"=>-1,"msg"=>'请选择授权的程序！');
    } else if (!$program) {
        $result=array("code"=>-1,"msg"=>'该程序不存在！');
    } else if (!$name) {
        $result=array("code"=>-1,"msg"=>'请输入认证的站点名称！');
    } else if (!$qq) {
        $result=array("code"=>-1,"msg"=>'请输入认证的QQ！');
    } else if (strlen($qq) < 5 || !preg_match('/^[0-9]+$/',$qq)) {
        $result=array("code"=>-1,"msg"=>'请输入正确的QQ！');
    } else if (!$url) {
        $result=array("code"=>-1,"msg"=>'请输入认证的域名！');
    } else if (strexists($url,"http://")) {
        $result = array("code"=>-1,"msg"=>"域名无需输入http://");
    } else if (!strexists($url,".")){
        $result = array("code"=>-1,"msg"=>"域名格式疑似不正确");
    } else if ($urlrow) {
        $result=array("code"=>-1,"msg"=>'此域名，该程序中已存在！');
    } else {
        $money = $program['rzprice'];
        if ($money == 0){
            if ($conf['captcha_open_buy'] == 1 && $conf['captcha_open'] == 1) {
                if (isset($_POST['geetest_challenge']) && isset($_POST['geetest_validate']) && isset($_POST['geetest_seccode'])) {
                    require_once SYSTEM_ROOT.'class.geetestlib.php';
                    $GtSdk = new GeetestLib($conf['captcha_id'], $conf['captcha_key']);
                    $data = array('user_id' => $cookiesid,'client_type' => "web",'ip_address' => $clientip);
                    if ($_SESSION['gtserver'] == 1) {   //服务器正常
                        $result = $GtSdk->success_validate($_POST['geetest_challenge'], $_POST['geetest_validate'], $_POST['geetest_seccode'], $data);
                        if ($result) {
                            //echo '{"status":"success"}';
                        } else {
                            $result = array("code"=>-1,"msg"=>"验证失败，请重新验证");
    exit(json_encode($result));
                        }
                    } else {  //服务器宕机,走failback模式
                        if ($GtSdk->fail_validate($_POST['geetest_challenge'],$_POST['geetest_validate'],$_POST['geetest_seccode'])) {
                            //echo '{"status":"success"}';
                        } else {
                            $result = array("code"=>-1,"msg"=>"验证失败，请重新验证");
    exit(json_encode($result));
                        }
                    }
                } else {
                    $result = array("code"=>2,"type"=>1,"msg"=>"请先完成验证");
                }
            } else if ($conf['captcha_open_buy'] == 1 && $conf['captcha_open'] == 2) {
                if (isset($_POST['token'])) {
                    require_once SYSTEM_ROOT.'class.dingxiang.php';
                    $client = new CaptchaClient($conf['captcha_id'], $conf['captcha_key']);
                    $client->setTimeOut(2);
                    $response = $client->verifyToken($_POST['token']);
                    if ($response->result) {
                        /**token验证通过，继续其他流程**/
                    } else {
                        /**token验证失败**/
                        $result = array("code"=>-1,"msg"=>"验证失败，请重新验证");
    exit(json_encode($result));
                    }
                } else {
                    $result = array("code"=>2,"type"=>2,"appid"=>$conf['captcha_id'],"msg"=>"请先完成验证");
    exit(json_encode($result));
                }
            } else if($conf['captcha_open_buy'] == 1 && $conf['captcha_open'] == 3) {
                if (isset($_POST['token'])) {
                    if (vaptcha_verify($conf['captcha_id'], $conf['captcha_key'], $_POST['token'], $clientip)) {
                        /**token验证通过，继续其他流程**/
                    } else {
                        /**token验证失败**/
                        $result = array("code"=>-1,"msg"=>"验证失败，请重新验证");
    exit(json_encode($result));
                    }
                } else {
                    $result = array("code"=>3,"type"=>2,"appid"=>$conf['captcha_id'],"msg"=>"请先完成验证");
    exit(json_encode($result));
                }
            }
        }
        $trade_no = date("YmdHis").rand(111,999);
        if($conf['invite_rebate_open'] == 1) {
            $input = $uid.'|'.$proid.'|'.$name.'|'.$qq.'|'.$url.'|'.$invitecode;
        } else {
            $input = $uid.'|'.$proid.'|'.$name.'|'.$qq.'|'.$url;
        }
        if ($money == 0) {
            $sql = "insert into `authguao_paysite` (`uid`,`proid`,`name`,`qq`,`url`,`date`,`active`) values ('".$uid."','".$proid."','".$name."','".$qq."','".$url."','".$date."','1')";
            if($DB->query($sql)) {
                $result = array("code"=>1,"msg"=>'程序：'.$program['name'].'</br>结果：<font color="green">开通成功</font>');
            } else {
                $result = array("code"=>-1,"msg"=>'程序：'.$program['name'].'</br>结果：<font color="red">开通失败</font>'.$DB->error());
            }
        } else {
            $sql = "insert into `authguao_pay` (`trade_no`,`type`,`input`,`name`,`money`,`ip`,`addtime`,`status`) values ('".$trade_no."','3','".$input."','购买程序".$program['name']."的认证','".$money."','".$clientip."','".$date."','0')";
            if ($DB->query($sql)) {
                $result = array("code"=>0,"msg"=>'程序：'.$program['name'].'</br>结果：<font color="green">提交订单成功</font>',"trade_no"=>$trade_no,"money"=>$money,"pay_alipay"=>$conf['alipay_api'],"pay_wxpay"=>$conf['wxpay_api'],"pay_qqpay"=>2);
            } else {
                $result = array("code"=>-1,"msg"=>'程序：'.$program['name'].'</br>结果：<font color="red">提交订单失败</font>'.$DB->error());
            }
        }
    }
    } else {
        $result = array("code"=>-1,"msg"=>"管理员未开启在线购买模块");
    }
    exit(json_encode($result));
break;
case 'buyuser':
    if ($conf['buy_open'] == 1) {
    $proid = intval($_POST['proid']);
    $user = addslashes($_POST['user']);
    $pwd = addslashes($_POST['pwd']);
    $qq = addslashes($_POST['qq']);
    $power = intval($_POST['power']);
    $email = addslashes($_POST['email']);
    $uid = 1;
    $program = $DB->get_row("select * from authguao_program where id='" . $proid . "' limit 1");
    $urlrow=$DB->get_row("SELECT * FROM authguao_paysite WHERE proid='".$proid."' and url='".$url."' limit 1");
    if($conf['invite_rebate_open'] == 1) {
        $invitecode = daddslashes($_POST['invitecode']);
        if ($invitecode) {
            $invitecoderow = $DB->get_row("select * from authguao_user where invitecode='" . $invitecode . "' limit 1");
            if (!$invitecoderow) {
                $result = array("code"=>-1,"msg"=>"邀请码错误或者邀请码不存在！");
                exit(json_encode($result));
            } else if ($invitecoderow) {
                $uid = $invitecoderow['uid'];
            }
        }
    }
    if (!$proid && $power < 3) {
        $result=array("code"=>-1,"msg"=>'请选择授权的程序！');
    } else if (!$program) {
        $result=array("code"=>-1,"msg"=>'该程序不存在！');
    } else if (!$user) {
        $result=array("code"=>-1,"msg"=>'请输入账号！');
    } else if (!$pwd) {
        $result=array("code"=>-1,"msg"=>'请输入密码！');
    } else if (!$qq) {
        $result=array("code"=>-1,"msg"=>'请输入QQ！');
    } else if (!$email) {
        $result=array("code"=>-1,"msg"=>'请输入邮箱号！');
    } else if (!preg_match('/^[a-zA-Z0-9]+$/',$user)) {
        $result=array("code"=>-1,"msg"=>'用户名只能为英文或数字！');
    } else if ($DB->get_row("SELECT * FROM authguao_user WHERE user='{$user}' limit 1")) {
        $result=array("code"=>-1,"msg"=>'用户名已存在！');
    } else if ($pwd == $user) {
        $result=array("code"=>-1,"msg"=>'账号密码不能相同！');
    } else if ($pwd == $email) {
        $result=array("code"=>-1,"msg"=>'密码不能和邮箱相同！');
    } else if (strlen($qq) < 5 || !preg_match('/^[0-9]+$/',$qq)) {
        $result=array("code"=>-1,"msg"=>'请输入正确的QQ！');
    } else if(!preg_match('/^[A-z0-9._-]+@[A-z0-9._-]+\.[A-z0-9._-]+$/', $email)){
        $result=array("code"=>-1,"msg"=>'请输入正确的邮箱！');
    } else if ($DB->get_row("SELECT * FROM authguao_user WHERE qq='{$qq}' limit 1")) {
        $result=array("code"=>-1,"msg"=>'QQ已存在！');
    } else if ($DB->get_row("SELECT * FROM authguao_user WHERE email='{$email}' limit 1")) {
        $result=array("code"=>-1,"msg"=>'邮箱号已存在！');
    } else {
        if ($power == 1) {
            $money = $program['sqsprice'];
            $power_name = '授权商';
            $pro_name = '程序：'.$program['name'].'</br>';
            $name = '购买程序'.$program['name'].'的授权商';
        } else if ($power == 2) {
            $money = $program['cgprice'];
            $power_name = '超级管理员';
            $pro_name = '程序：'.$program['name'].'</br>';
            $name = '购买程序'.$program['name'].'的超级管理员';
        } else if ($power == 3) {
            $money = $conf['qnprice'];
            $power_name = '全能管理员';
            $name = '购买平台全能管理员';
            $proid = '';
        }
        if ($money == 0){
            if ($conf['captcha_open_buy'] == 1 && $conf['captcha_open'] == 1) {
                if (isset($_POST['geetest_challenge']) && isset($_POST['geetest_validate']) && isset($_POST['geetest_seccode'])) {
                    require_once SYSTEM_ROOT.'class.geetestlib.php';
                    $GtSdk = new GeetestLib($conf['captcha_id'], $conf['captcha_key']);
                    $data = array('user_id' => $cookiesid,'client_type' => "web",'ip_address' => $clientip);
                    if ($_SESSION['gtserver'] == 1) {   //服务器正常
                        $result = $GtSdk->success_validate($_POST['geetest_challenge'], $_POST['geetest_validate'], $_POST['geetest_seccode'], $data);
                        if ($result) {
                            //echo '{"status":"success"}';
                        } else {
                            $result = array("code"=>-1,"msg"=>"验证失败，请重新验证");
    exit(json_encode($result));
                        }
                    } else {  //服务器宕机,走failback模式
                        if ($GtSdk->fail_validate($_POST['geetest_challenge'],$_POST['geetest_validate'],$_POST['geetest_seccode'])) {
                            //echo '{"status":"success"}';
                        } else {
                            $result = array("code"=>-1,"msg"=>"验证失败，请重新验证");
    exit(json_encode($result));
                        }
                    }
                } else {
                    $result = array("code"=>2,"type"=>1,"msg"=>"请先完成验证");
                }
            } else if ($conf['captcha_open_buy'] == 1 && $conf['captcha_open'] == 2) {
                if (isset($_POST['token'])) {
                    require_once SYSTEM_ROOT.'class.dingxiang.php';
                    $client = new CaptchaClient($conf['captcha_id'], $conf['captcha_key']);
                    $client->setTimeOut(2);
                    $response = $client->verifyToken($_POST['token']);
                    if ($response->result) {
                        /**token验证通过，继续其他流程**/
                    } else {
                        /**token验证失败**/
                        $result = array("code"=>-1,"msg"=>"验证失败，请重新验证");
    exit(json_encode($result));
                    }
                } else {
                    $result = array("code"=>2,"type"=>2,"appid"=>$conf['captcha_id'],"msg"=>"请先完成验证");
    exit(json_encode($result));
                }
            } else if($conf['captcha_open_buy'] == 1 && $conf['captcha_open'] == 3) {
                if (isset($_POST['token'])) {
                    if (vaptcha_verify($conf['captcha_id'], $conf['captcha_key'], $_POST['token'], $clientip)) {
                        /**token验证通过，继续其他流程**/
                    } else {
                        /**token验证失败**/
                        $result = array("code"=>-1,"msg"=>"验证失败，请重新验证");
    exit(json_encode($result));
                    }
                } else {
                    $result = array("code"=>3,"type"=>2,"appid"=>$conf['captcha_id'],"msg"=>"请先完成验证");
    exit(json_encode($result));
                }
            }
        }
        $trade_no = date("YmdHis").rand(111,999);
        if ($conf['invite_rebate_open'] == 1) {
            $input = $uid.'|'.$power.'|'.$proid.'|'.$user.'|'.$pwd.'|'.$qq.'|'.$email.'|'.$invitecode;
        } else {
            $input = $uid.'|'.$power.'|'.$proid.'|'.$user.'|'.$pwd.'|'.$qq.'|'.$email;
        }
        if ($money == 0) {
            $sql = "insert into `authguao_user` (`upuid`,`power`,`proid`,`user`,`pwd`,`rmb`,`qq`,`email`,`invitecode`,`addtime`,`status`) values ('" . $uid . "','" . $power . "','" . $proid . "','" . $user . "','" . $pwd . "','0.00','" . $qq . "','" . $email . "','" . random(8) . "','" . $date . "','1')";
            if ($DB->query($sql)) {
                $result = array("code"=>1,"msg"=>$pro_name.'结果：<font color="green">开通成功</font></br>权限等级：'.$power_name);
            } else {
                $result = array("code"=>-1,"msg"=>$pro_name.'结果：<font color="red">开通失败</font></br>权限等级：'.$power_name.$DB->error());
            }
        } else {
            $sql="insert into `authguao_pay` (`trade_no`,`type`,`input`,`name`,`money`,`ip`,`addtime`,`status`) values ('".$trade_no."','4','".$input."','".$name."','".$money."','".$clientip."','".$date."','0')";
            if ($DB->query($sql)) {
                $result = array("code"=>0,"msg"=>$pro_name.'结果：<font color="green">提交订单成功</font></br>权限等级：'.$power_name,"trade_no"=>$trade_no,"money"=>$money,"pay_alipay"=>$conf['alipay_api'],"pay_wxpay"=>$conf['wxpay_api'],"pay_qqpay"=>2);
            } else {
                $result = array("code"=>-1,"msg"=>$pro_name.'结果：<font color="red">提交订单失败</font></br>权限等级：'.$power_name.$DB->error());
            }
        }
    }
    } else {
        $result = array("code"=>-1,"msg"=>"管理员未开启在线购买模块");
    }
    exit(json_encode($result));
break;
case 'authchange':
    if ($conf['kmchange_open'] == 1) {
    $name = addslashes($_POST['name']);
    $qq = addslashes($_POST['qq']);
    $url = addslashes($_POST['url']);
    $km = addslashes($_POST['km']);
    $uid = 1;
    $authkmrow = $DB->get_row("select * from authguao_dhklist where km='" . $km . "' and type=1 limit 1");
    $kmrow = $DB->get_row("select * from authguao_dhklist where km='" . $km . "' limit 1");
    if (!$kmrow) {
        $result=array("code"=>-1,"msg"=>'该兑换卡不存在！');
    } else if ($kmrow['status'] == 1) {
        $result=array("code"=>-1,"msg"=>'该兑换卡已被使用！');
    } else if ($authkmrow) {
        $program = $DB->get_row("select * from authguao_program where id='" . $authkmrow['proid'] . "' limit 1");
        $qqrow=$DB->get_row("SELECT * FROM authguao_site WHERE proid='".$authkmrow['proid']."' and qq='".$qq."' limit 1");
        $urlrow=$DB->get_row("SELECT * FROM authguao_site WHERE proid='".$authkmrow['proid']."' and url='".$url."' limit 1");
        if ($authkmrow['status'] == 1) {
            $result=array("code"=>-1,"msg"=>'该授权兑换卡已被使用！');
        } else if (!$program) {
            $result=array("code"=>-1,"msg"=>'该授权兑换卡已经报废，无法使用！');
        } else if (!$name) {
            $result=array("code"=>-1,"msg"=>'请输入授权的站点名称！');
        } else if (!$qq) {
            $result=array("code"=>-1,"msg"=>'请输入授权的QQ！');
        } else if (strlen($qq) < 5 || !preg_match('/^[0-9]+$/',$qq)) {
            $result=array("code"=>-1,"msg"=>'请输入正确的QQ！');
        } else if (!$url) {
            $result=array("code"=>-1,"msg"=>'请输入授权的域名！');
        } else if (strexists($url,"http://")) {
            $result = array("code"=>-1,"msg"=>"域名无需输入http://");
        } else if (!strexists($url,".")){
            $result = array("code"=>-1,"msg"=>"域名格式疑似不正确");
        } else if ($urlrow) {
            $result=array("code"=>-1,"msg"=>'此域名，该授权程序中已存在！');
        } else {
            if ($qqrow && $program['ipauth'] == 0) {
                $sign = $qqrow['sign'];
                $authcode = $qqrow['authcode'];
            } else {
                $signrow = $DB->get_row("SELECT * FROM authguao_site WHERE 1 order by sign desc limit 1");
                $sign = $signrow['sign']+1;
                $authcode = md5(random(32).$qq);
            }
            if($conf['auth_time_type']==2){
    $endtime=date('Y-m-d', strtotime('+'.$conf['auth_time'].' years'));
}elseif($conf['auth_time_type']==1){
    $endtime=date('Y-m-d', strtotime('+'.$conf['auth_time'].' months'));
}else{
    $endtime=date('Y-m-d', strtotime('+'.$conf['auth_time'].' days'));
}
            $sql="insert into `authguao_site` (`uid`,`proid`,`name`,`qq`,`url`,`date`,`authcode`,`active`,`sign`,`token`,`endtime`) values ('".$uid."','".$authkmrow['proid']."','".$name."','".$qq."','".$url."','".$date."','".$authcode."','1','".$sign."','".random(32)."','".$endtime."')";
            if ($DB->query($sql)) {
                $DB->query("update authguao_dhklist set lasttime='".$date."',status = 1 where id='".$authkmrow['id']."'");
                $result = array("code"=>0,"msg"=>'程序：'.$program['name'].'</br>结果：<font color="green">开通成功</font>');
            } else {
                $result = array("code"=>-1,"msg"=>'程序：'.$program['name'].'</br>结果：<font color="red">开通失败</font>'.$DB->error());
            }
        }
    } else {
        if ($kmrow['type'] == 2) {
            $result=array("code"=>-1,"msg"=>'该兑换卡是易支付域名认证兑换卡！');
        } else if ($kmrow['type'] == 3) {
            $result=array("code"=>-1,"msg"=>'该兑换卡是权限兑换卡！');
        } else {
            $result=array("code"=>-1,"msg"=>'该兑换卡可能不存在！');
        }
    }
    } else {
        $result = array("code"=>-1,"msg"=>"管理员未开启在线兑换模块");
    }
    exit(json_encode($result));
break;
case 'paychange':
    if ($conf['kmchange_open'] == 1) {
    $name = addslashes($_POST['name']);
    $qq = addslashes($_POST['qq']);
    $url = addslashes($_POST['url']);
    $km = addslashes($_POST['km']);
    $uid = 1;
    $paykmrow = $DB->get_row("select * from authguao_dhklist where km='" . $km . "' and type=2 limit 1");
    $kmrow = $DB->get_row("select * from authguao_dhklist where km='" . $km . "' limit 1");
    if (!$kmrow) {
        $result=array("code"=>-1,"msg"=>'该兑换卡不存在！');
    } else if ($kmrow['status'] == 1) {
        $result=array("code"=>-1,"msg"=>'该兑换卡已被使用！');
    } else if ($paykmrow) {
        $program = $DB->get_row("select * from authguao_program where id='" . $paykmrow['proid'] . "' limit 1");
        $urlrow=$DB->get_row("SELECT * FROM authguao_site WHERE proid='".$paykmrow['proid']."' and url='".$url."' limit 1");
        if(!$urlrow){
            $urlrow = $DB->get_row("SELECT * FROM authguao_site WHERE proid='".$paykmrow['proid']."' and url='*.".get_host($url)."' limit 1");
        }
        if ($paykmrow['status'] == 1) {
            $result=array("code"=>-1,"msg"=>'该授权兑换卡已被使用！');
        } else if (!$program) {
            $result=array("code"=>-1,"msg"=>'该认证兑换卡已经报废，无法使用！');
        } else if (!$name) {
            $result=array("code"=>-1,"msg"=>'请输入认证的站点名称！');
        } else if (!$qq) {
            $result=array("code"=>-1,"msg"=>'请输入认证的QQ！');
        } else if (strlen($qq) < 5 || !preg_match('/^[0-9]+$/',$qq)) {
            $result=array("code"=>-1,"msg"=>'请输入正确的QQ！');
        } else if (!$url) {
            $result=array("code"=>-1,"msg"=>'请输入认证的域名！');
        } else if (strexists($url,"http://")) {
            $result = array("code"=>-1,"msg"=>"域名无需输入http://");
        } else if (!strexists($url,".")){
            $result = array("code"=>-1,"msg"=>"域名格式疑似不正确");
        } else if ($urlrow) {
            $result=array("code"=>-1,"msg"=>'此域名，该认证程序中已存在！');
        } else {
            $sql="insert into `authguao_paysite` (`uid`,`proid`,`name`,`qq`,`url`,`date`,`active`) values ('".$uid."','".$paykmrow['proid']."','".$name."','".$qq."','".$url."','".$date."','1')";
            if ($DB->query($sql)) {
                $DB->query("update authguao_dhklist set lasttime='".$date."',status = 1 where id='".$paykmrow['id']."'");
                $result = array("code"=>0,"msg"=>'程序：'.$program['name'].'</br>结果：<font color="green">开通成功</font>');
            } else {
                $result = array("code"=>-1,"msg"=>'程序：'.$program['name'].'</br>结果：<font color="red">开通失败</font>'.$DB->error());
            }
        }
    } else {
        if ($kmrow['type'] == 3) {
            $result=array("code"=>-1,"msg"=>'该兑换卡是权限兑换卡！');
        } else if ($kmrow['type'] == 1) {
            $result=array("code"=>-1,"msg"=>'该兑换卡是域名授权兑换卡！');
        } else {
            $result=array("code"=>-1,"msg"=>'该兑换卡可能不存在！');
        }
    }
    } else {
        $result = array("code"=>-1,"msg"=>"管理员未开启在线兑换模块");
    }
    exit(json_encode($result));
break;
case 'userchange':
    if ($conf['kmchange_open'] == 1) {
    $user = addslashes($_POST['user']);
    $pwd = addslashes($_POST['pwd']);
    $qq = addslashes($_POST['qq']);
    $email = addslashes($_POST['email']);
    $km = addslashes($_POST['km']);
    $uid = 1;
    $userkmrow = $DB->get_row("select * from authguao_dhklist where km='" . $km . "' and type=3 limit 1");
    $kmrow = $DB->get_row("select * from authguao_dhklist where km='" . $km . "' limit 1");
    if (!$kmrow) {
        $result=array("code"=>-1,"msg"=>'该兑换卡不存在！');
    } else if ($kmrow['status'] == 1) {
        $result=array("code"=>-1,"msg"=>'该兑换卡已被使用！');
    } else if ($userkmrow) {
        $program = $DB->get_row("select * from authguao_program where id='" . $userkmrow['proid'] . "' limit 1");
        $urlrow=$DB->get_row("SELECT * FROM authguao_paysite WHERE proid='".$userkmrow['proid']."' and url='".$url."' limit 1");
        if ($userkmrow['status'] == 1) {
            $result=array("code"=>-1,"msg"=>'该权限兑换卡已被使用！');
        } else if (!$program && $userkmrow['power'] < 3) {
            $result=array("code"=>-1,"msg"=>'该权限兑换卡已经报废，无法使用！');
        } else if (!$user) {
            $result=array("code"=>-1,"msg"=>'请输入账号！');
        } else if (!$pwd) {
            $result=array("code"=>-1,"msg"=>'请输入密码！');
        } else if (!$qq) {
            $result=array("code"=>-1,"msg"=>'请输入QQ！');
        } else if (!$email) {
            $result=array("code"=>-1,"msg"=>'请输入邮箱号！');
        } else if (!preg_match('/^[a-zA-Z0-9]+$/',$user)) {
            $result=array("code"=>-1,"msg"=>'用户名只能为英文或数字！');
        } else if ($DB->get_row("SELECT * FROM authguao_user WHERE user='{$user}' limit 1")) {
            $result=array("code"=>-1,"msg"=>'用户名已存在！');
        } else if ($pwd == $user) {
            $result=array("code"=>-1,"msg"=>'账号密码不能相同！');
        } else if ($pwd == $email) {
            $result=array("code"=>-1,"msg"=>'密码不能和邮箱相同！');
        } else if (strlen($qq) < 5 || !preg_match('/^[0-9]+$/',$qq)) {
            $result=array("code"=>-1,"msg"=>'请输入正确的QQ！');
        } else if(!preg_match('/^[A-z0-9._-]+@[A-z0-9._-]+\.[A-z0-9._-]+$/', $email)){
            $result=array("code"=>-1,"msg"=>'请输入正确的邮箱！');
        } else if ($DB->get_row("SELECT * FROM authguao_user WHERE qq='{$qq}' limit 1")) {
            $result=array("code"=>-1,"msg"=>'QQ已存在！');
        } else if ($DB->get_row("SELECT * FROM authguao_user WHERE email='{$email}' limit 1")) {
            $result=array("code"=>-1,"msg"=>'邮箱号已存在！');
        } else {
            if ($userkmrow['power'] == 1) {
                $money = $program['sqsprice'];
                $power_name = '授权商';
                $pro_name = '程序：'.$program['name'].'</br>';
                $proid = $userkmrow['proid'];
            } else if ($userkmrow['power'] == 2) {
                $money = $program['cgprice'];
                $power_name = '超级管理员';
                $pro_name = '程序：'.$program['name'].'</br>';
                $proid = $userkmrow['proid'];
            } else if ($userkmrow['power'] == 3) {
                $money = $conf['qnprice'];
                $power_name = '全能管理员';
                $proid = '';
            }
            $sql = "insert into `authguao_user` (`upuid`,`power`,`proid`,`user`,`pwd`,`rmb`,`qq`,`email`,`invitecode`,`addtime`,`status`) values ('" . $uid . "','" . $userkmrow['power'] . "','" . $proid . "','" . $user . "','" . $pwd . "','0.00','" . $qq . "','" . $email . "','" . random(8) . "','" . $date . "','1')";
            if($DB->query($sql)){
                $DB->query("update authguao_dhklist set lasttime='".$date."',status = 1 where id='".$userkmrow['id']."'");
                $result = array("code"=>0,"msg"=>$pro_name.'结果：<font color="green">开通成功</font></br>权限等级：'.$power_name);
            }else{
                $result = array("code"=>-1,"msg"=>$pro_name.'结果：<font color="red">开通失败</font></br>权限等级：'.$power_name.$DB->error());
            }
        }
    } else {
        if ($kmrow['type'] == 2) {
            $result=array("code"=>-1,"msg"=>'该兑换卡是易支付域名认证兑换卡！');
        } else if ($kmrow['type'] == 1) {
            $result=array("code"=>-1,"msg"=>'该兑换卡是域名授权兑换卡！');
        } else {
            $result=array("code"=>-1,"msg"=>'该兑换卡可能不存在！');
        }
    }
    } else {
        $result = array("code"=>-1,"msg"=>"管理员未开启在线兑换模块");
    }
    exit(json_encode($result));
break;
case 'getcode':
    $type = intval($_GET['type']);
    $proid = intval($_POST['proid']);
    $qq = daddslashes($_POST['qq']);
    $email = daddslashes($qq.'@qq.com');
    if ($type == 'download') {
        $db_name = 'authguao_site';
        $names = '下载源码';
        $namess = '授权';
    } else {
        if ($type == 1) {
            $db_name = 'authguao_site';
            $name = '授权';
        } else {
            $db_name = 'authguao_paysite';
            $name = '认证';
        }
        $names = '更换'.$name;
        $namess = $name;
    }
    if (!$proid) {
        $result=array("code"=>-1,"msg"=>'请选择程序！');
    } else if (!$qq) {
        $result=array("code"=>-1,"msg"=>'请输入'.$namess.'的QQ！');
    } else if (strlen($qq) < 5 || !preg_match('/^[0-9]+$/',$qq)) {
        $result=array("code"=>-1,"msg"=>'请输入正确的QQ！');
    } else if (isset($_SESSION['send_mail']) && $_SESSION['send_mail'] > TIMESTAMP - 120) {
        $result=array("code"=>-1,"msg"=>'请2分钟后在发送验证码！');
    } else {
        $program = $DB->get_row("select * from authguao_program where id='" . $proid . "' limit 1");
        $qqrow = $DB->get_row("SELECT * FROM ".$db_name." WHERE proid='".$proid."' and qq='".$qq."' limit 1");
        $coderow=$DB->get_row("select * from authguao_code where hm='".$email."' order by id desc limit 1");
        $emailcount=$DB->count("select count(*) from authguao_code where hm='".$email."' and time>'".(TIMESTAMP-3600*24)."'");
        $ipcount=$DB->count("select count(*) from authguao_code where ip='".$clientip."' and time>'".(TIMESTAMP-3600*24)."'");
        if (!$program) {
            $result=array("code"=>-1,"msg"=>'该程序不存在！');
        } else if (!$qqrow) {
            $result=array("code"=>-1,"msg"=>'该程序中不存在该QQ的'.$name.'！');
        } else if ($coderow['time'] > TIMESTAMP - 120) {
            $result=array("code"=>-1,"msg"=>'两次发送邮件之间需要相隔2分钟！');
        } else if ($emailcount > $conf['mail_count']) {
            $result=array("code"=>-1,"msg"=>'该邮箱发送次数过多，请更换邮箱！');
        } else if($ipcount > $conf['mail_countday']){
            $result=array("code"=>-1,"msg"=>'你今天发送次数过多，已被禁止接收验证码！');
        } else {
            $title = $conf['sitename'] . " - ".$names."验证码获取";
            $code = rand(1111111,9999999);//6位随机验证码
            $text = '您的验证码是：'.$code;//发送的信息
            $msg = youfas($title,$text);
            send_mail($email, $title, $msg);
            if ($DB->query("insert into `authguao_code` (`title`,`code`,`hm`,`time`,`date`,`ip`,`status`) values ('".$names."验证码','".$code."','".$email."','".TIMESTAMP."','".$date."','".$clientip."','0')")) {
                $_SESSION['send_mail'] = TIMESTAMP;
                $result=array("code"=>0,"msg"=>'发送验证码成功,请进入QQ邮箱查看！</br>验证码2分钟内有效哦，请赶快使用');
            } else {
                $result=array("code"=>-1,"msg"=>'发送验证码失败'.$DB->error());
            }
        }
    }
    exit(json_encode($result));
break;
case 'sqgh':
    if ($conf['change_open'] == 1) {
    $proid = intval($_POST['proid']);
    $qq = addslashes($_POST['qq']);
    $url = addslashes($_POST['url']);
    $urls = addslashes($_POST['urls']);
    $code = addslashes($_POST['code']);
    $email = daddslashes($qq.'@qq.com');
    $program = $DB->get_row("select * from authguao_program where id='" . $proid . "' limit 1");
    $siterow = $DB->get_row("SELECT * FROM authguao_site WHERE proid='".$proid."' and qq='".$qq."' and url='".$url."' limit 1");
    if(!$siterow){
        $siterow = $DB->get_row("SELECT * FROM authguao_site WHERE proid='".$proid."' and qq='".$qq."' and url='*.".get_host($url)."' limit 1");
    }
    $coderow = $DB->get_row("select * from authguao_code where code='".$code."' and hm='".$email."' limit 1");
    if (!$proid) {
        $result=array("code"=>-1,"msg"=>'请选择程序！');
    } else if (!$program) {
        $result=array("code"=>-1,"msg"=>'该程序不存在！');
    } else if (!$qq) {
        $result=array("code"=>-1,"msg"=>'请输入授权的QQ！');
    } else if (strlen($qq) < 5 || !preg_match('/^[0-9]+$/',$qq)) {
        $result=array("code"=>-1,"msg"=>'请输入正确的QQ！');
    } else if (!$url) {
        $result=array("code"=>-1,"msg"=>'请输入授权的域名！');
    } else if (strexists($url,"http://")) {
        $result = array("code"=>-1,"msg"=>"旧域名无需输入http://");
    } else if (!strexists($url,".")){
        $result = array("code"=>-1,"msg"=>"旧域名格式疑似不正确");
    } else if (strexists($urls,"http://")) {
        $result = array("code"=>-1,"msg"=>"新域名无需输入http://");
    } else if (!strexists($urls,".")){
        $result = array("code"=>-1,"msg"=>"新域名格式疑似不正确");
    } else if (!$coderow) {
        $result=array("code"=>-1,"msg"=>'验证码不正确！');
    } else if ($coderow['time'] < TIMESTAMP - 120 || $coderow['status'] > 0) {
        $result=array("code"=>-1,"msg"=>'验证码已失效，请重新获取！');
    } else if ($siterow['active'] == 0) {
        $result=array("code"=>-1,"msg"=>'该授权已被封禁！');
    } else if (!$siterow) {
        $result=array("code"=>-1,"msg"=>'该授权不存在！');
    } else {
        $sql = "update authguao_site set url='".$urls."' where id='".$siterow['id']."'";
        if ($DB->query($sql)) {
            $DB->query("update `authguao_site` set `ghcs`=`ghcs`+1 where `id`='" . $siterow["id"] . "'");
            if ($conf['auth_number_open'] == 1) {
                if ($siterow['ghcs'] > $conf['auth_number']) {
                    $DB->query("update authguao_site set active = 0 where id='".$siterow['id']."'");
                }
            }
        $DB->query("update `authguao_code` set `status` ='1' where `id`='{$coderow['id']}'");
            $result = array("code"=>0,"msg"=>'更换授权成功！');
        } else {
            $result = array("code"=>-1,"msg"=>'更换授权失败！'.$DB->error());
        }
    }
    } else {
        $result = array("code"=>-1,"msg"=>"管理员未开启在线更换模块");
    }
    exit(json_encode($result));
break;
case 'rzgh':
    if ($conf['change_open'] == 1) {
    $proid = intval($_POST['proid']);
    $qq = addslashes($_POST['qq']);
    $url = addslashes($_POST['url']);
    $urls = addslashes($_POST['urls']);
    $code = addslashes($_POST['code']);
    $email = daddslashes($qq.'@qq.com');
    $program = $DB->get_row("select * from authguao_program where id='" . $proid . "' limit 1");
    $payrow = $DB->get_row("SELECT * FROM authguao_paysite WHERE proid='".$proid."' and qq='".$qq."' and url='".$url."' limit 1");
    $coderow = $DB->get_row("select * from authguao_code where code='".$code."' and hm='".$email."' limit 1");
    if (!$proid) {
        $result=array("code"=>-1,"msg"=>'请选择程序！');
    } else if (!$program) {
        $result=array("code"=>-1,"msg"=>'该程序不存在！');
    } else if (!$qq) {
        $result=array("code"=>-1,"msg"=>'请输入认证的QQ！');
    } else if (strlen($qq) < 5 || !preg_match('/^[0-9]+$/',$qq)) {
        $result=array("code"=>-1,"msg"=>'请输入正确的QQ！');
    } else if (!$url) {
        $result=array("code"=>-1,"msg"=>'请输入认证的域名！');
    } else if (strexists($url,"http://")) {
        $result = array("code"=>-1,"msg"=>"旧域名无需输入http://");
    } else if (!strexists($url,".")){
        $result = array("code"=>-1,"msg"=>"旧域名格式疑似不正确");
    } else if (strexists($urls,"http://")) {
        $result = array("code"=>-1,"msg"=>"新域名无需输入http://");
    } else if (!strexists($urls,".")){
        $result = array("code"=>-1,"msg"=>"新域名格式疑似不正确");
    } else if (!$coderow) {
        $result=array("code"=>-1,"msg"=>'验证码不正确！');
    } else if ($coderow['time'] < TIMESTAMP - 120 || $coderow['status'] > 0) {
        $result=array("code"=>-1,"msg"=>'验证码已失效，请重新获取！');
    } else if ($payrow['active'] == 0) {
        $result=array("code"=>-1,"msg"=>'该认证已被封禁！');
    } else if (!$payrow) {
        $result=array("code"=>-1,"msg"=>'该认证不存在！');
    } else {
        $sql = "update authguao_paysite set url='".$urls."' where id='".$payrow['id']."'";
        if ($DB->query($sql)) {
            $DB->query("update `authguao_paysite` set `ghcs`=`ghcs`+1 where `id`='" . $payrow["id"] . "'");
            if ($conf['pay_number_open'] == 1) {
                if ($payrow['ghcs'] > $conf['pay_number']) {
                    $DB->query("update authguao_paysite set active = 0 where id='".$payrow['id']."'");
                }
            }
        $DB->query("update `authguao_code` set `status` ='1' where `id`='{$coderow['id']}'");
            $result = array("code"=>0,"msg"=>'更换认证成功！');
        } else {
            $result = array("code"=>-1,"msg"=>'更换认证失败！'.$DB->error());
        }
    }
    } else {
        $result = array("code"=>-1,"msg"=>"管理员未开启在线更换模块");
    }
    exit(json_encode($result));
break;
case 'downfile':
    if ($conf['getprogram_open'] == 1) {
    $proid = intval($_POST['proid']);
    $qq = daddslashes($_POST['qq']);
    $code = daddslashes($_POST['code']);
    $email = daddslashes($qq.'@qq.com');
    $program = $DB->get_row("select * from authguao_program where id='" . $proid . "' limit 1");
    $siterow = $DB->get_row("SELECT * FROM authguao_site WHERE proid='".$proid."' and qq='".$qq."' limit 1");
    $coderow = $DB->get_row("select * from authguao_code where code='".$code."' and hm='".$email."' limit 1");
    if (!$proid) {
        $result=array("code"=>-1,"msg"=>'请选择程序！');
    } else if (!$program) {
        $result=array("code"=>-1,"msg"=>'该程序不存在！');
    } else if (!$qq) {
        $result=array("code"=>-1,"msg"=>'请输入授权的QQ！');
    } else if (strlen($qq) < 5 || !preg_match('/^[0-9]+$/',$qq)) {
        $result=array("code"=>-1,"msg"=>'请输入正确的QQ！');
    } else if (!$coderow) {
        $result=array("code"=>-1,"msg"=>'验证码不正确！');
    } else if ($coderow['time'] < TIMESTAMP - 120 || $coderow['status'] > 0) {
        $result=array("code"=>-1,"msg"=>'验证码已失效，请重新获取！');
    } else if (!$siterow) {
        $result=array("code"=>-1,"msg"=>'该程序中不存在该QQ的授权！');
    } else {
        $installer='./api/download_get.php?my=installer&proid='.$proid.'&qq='.$qq.'&code='.$code.'&r='.TIMESTAMP;
        $updater='./api/download_get.php?my=updater&proid='.$proid.'&qq='.$qq.'&code='.$code.'&r='.TIMESTAMP;
        $result=array('code'=>0,'msg'=>'succ','name'=>$program['name'],'qq'=>$qq,'installer'=>$installer,'updater'=>$updater);
    }
    } else {
        $result = array("code"=>-1,"msg"=>"管理员未开启源码下载模块");
    }
    exit(json_encode($result));
break;
case 'image_shop':
    if($conf['Market_open']!=1)exit('{"code":-1,"msg":"商城系统正在维护更新，敬请期待！"}');
    $id=intval($_GET['id']);
    $row=$DB->get_row("SELECT * FROM authguao_shop WHERE id='{$id}' limit 1");
    if(!$row){
        exit('{"code":-1,"msg":"该商品记录不存在！"}');
    }
    $shopimg = explode(',', $row['image']);
    $i = 1;
    $ii = 1;
    $data = array();
    foreach($shopimg as $image){
        $data[] = array('alt'=>'商品'.$row['name'].'图'.$i++,'pid'=>$ii++,'src'=>$image,'thumb'=>$image);
    }
    $result=array("title"=>$row['name'],"id"=>$id,"start"=>0,"data"=>$data);
    exit(json_encode($result));
break;
case 'image_workorder':
    $id=intval($_GET['id']);
    $row=$DB->get_row("SELECT * FROM authguao_workorder WHERE id='{$id}' limit 1");
    if(!$row){
        exit('{"code":-1,"msg":"该工单记录不存在！"}');
    }
    $picurl = explode(',', $row['picurl']);
    $i = 1;
    $ii = 1;
    $data = array();
    foreach($picurl as $image){
        $data[] = array('alt'=>'工单ID：'.$row['id'].'图'.$i++,'pid'=>$ii++,'src'=>$image,'thumb'=>$image);
    }
    $result=array("title"=>'工单ID：'.$row['id'],"id"=>$id,"start"=>0,"data"=>$data);
    exit(json_encode($result));
break;
default:
    $result = array("code"=>-4,"msg"=>'No Act');
    exit(json_encode($result));
break;
}